Home
affected
Description
Digigram's PYKO-OUT audio-over-IP (AoIP) web-server does not require a password by default, allowing any attacker with the target IP address to connect and compromise the device, potentially pivoting to connected network or hardware devices.
Problem types
CWE-1391: Use of Weak Credentials
Product status
References
www.kb.cert.org/vuls/id/360686
www.digigram.com/download/pyko-out-user-manual-en-jan-2019/